From Microsoft Windows to Mobile MFA, Updates Are a Must
Keeping applications updated is important—and not just because of convenience. Instead, outdated apps and obsolete software can represent a serious cybersecurity issue.
For instance, Microsoft will end support for Windows 8.1 on January 10, 2023—and, unlike Windows 7, no extended support will be offered to companies willing to pay extra for it. That extended support for Windows 7 will also end on January 10, 2023, making an upgrade to Windows 10 or 11 a must.
A recent security alert from Microsoft was blunt: “Continuing to use Windows 8.1 or Windows 7 after January 10, 2023, may increase an organization’s exposure to security risks or impact its ability to meet compliance obligations.”
More modern applications like Duo Mobile, one of the most popular multi-factor authentication apps on the market, are also making end-of-life announcements. Effective February 9, 2023, Duo will no longer issue security updates for its app running on smartphones powered by Android 8, Android 9, and iOS 13.
These are just two of the most recent end-of-support examples—and they highlight different ends of the cybersecurity spectrum. Businesses running Windows 7 or 8.1 will need to retire their old operating systems. Many will even have to upgrade to entirely new equipment. Older computers still running legacy applications supported by Windows 7 or 8.1 often don’t meet the technical requirements for running Windows 10 or 11.
Anyone still limping along with an old smartphone running Android 8 or 9 or iOS13 will also need to upgrade—and for similar reasons. The latest Google and Apple phones run Android 12 or iOS 16, which older devices can’t support. It’s a time-sensitive fix, too, since losing access to an MFA app like Duo Mobile can often lock users out of important email, file-sharing, and financial apps.
From a security standpoint, further gaps exist in day-to-day technology. Every device, no matter how basic or how powerful, must be updated from time to time. Desktops, laptops, servers, printers, smart TVs, and Wi-Fi routers all require updates. Even powerful new smartphones must regularly be patched to fix vulnerabilities.
So what can you do to protect your apps and keep your hardware safe?
1. Don’t disregard application notifications. Many smartphone updates occur automatically, but many require a manual download or a specific set of permissions. Others will only roll out and install if your phone is fully charged and connected to a Wi-Fi network. These day-to-day inconveniences make it easy to ignore a needed update. But if you see a red alert pop up on your Settings icon or a specific app, click on it to see what’s up. And if you aren’t sure what to do, contact a trusted IT provider who can provide advice or handle app updates automatically and behind the scenes.
2. Keep up with Software-as-a-Service (SaaS) subscriptions. These types of cloud-based applications have mostly replaced the old model of installing software from a disk or downloading it using a license key. Popular productivity suites like Microsoft Office 365 and Adobe Creative Cloud now allow users to access synchronized versions of desktop and web-based apps like Word, Outlook, and Acrobat, streamlining version control and empowering remote work. But many people neglect to turn on regular maintenance and automatic updates for these apps, falling behind on subscription fees or opting out of support.
3. Make a plan for legacy software. Speaking of maintenance, if you use older applications for certain industry-specific tasks—think custom-built SQI databases or FileMaker Pro files—it’s critical not to let those age out or lapse completely. An IT provider can help you formulate a migration plan onto a new, more modern, and more secure platform. In the long run, this can lead to compromised data, limited functionality, lost productivity, and more expensive costs to restore access or convert to a better option once your business has reached a crisis point.
4. Pay attention to permissions. It seems like every app wants access to your camera, microphone, contacts, and location. In most cases, the only box that should be checked is “While using the app only”—and even then, be careful about sharing sensitive data stored on your phone or laptop. Avoid storing passwords, addresses, and credit card numbers in your browser, as these can be used for targeted tracking and even stolen if you aren’t careful. Regularly review privacy settings and manually select the permissions you want to grant to specific apps. And if anything seems out of order, deactivate it or uninstall it immediately and contact a trusted IT provider.
5. Remove outdated or unused apps from your smartphone and laptop. We’re all guilty of letting apps languish on our home screens long after the last time we used them. But take the proactive route and remove them, mitigating security threats and freeing up device memory in the process. This can provide a major boost to device performance—as good a motivator as any to regularly check for old apps.
6. Maintain multi-factor authentication (MFA) access for all logins. If you haven’t already rolled out this critical step for every app, contact a trusted IT provider immediately. And if you have MFA in place, don’t try to circumvent it to save a few extra seconds of inconvenience. Always keep fingerprint, face ID, and lock screen settings on, as all of these provide an extra layer of protection in case your device is lost or stolen.
7. Back up your data! Depending on business needs, different types of hardware and software support are necessary for enhanced information protection. Traditional offices require a combination of onsite physical data backups and offsite cloud-based imaging. Hybrid businesses require regular file synchronization and seamless collaboration for remote workers. Companies operating under strict compliance requirements need to document each data backup, while other businesses just need a weekly or monthly summary of backup performance. No matter what, the best way to protect against app instability and software vulnerabilities is with regular, remote, and redundant data backup performed every day for every employee.
At CMIT Solutions, we build robust protections around every computer, every network, and every piece of data used by our clients. We monitor and maintain hardware and software so problems are resolved before they impact normal operations. And we roll out security updates whenever they’re needed to keep your employees working anytime, anywhere, from any device.
Not sure whether your apps are outdated? Worried your old devices could pose security problems? Contact CMIT Solutions today.